50748 matches found
Diebold Nixdorf Vynamic View Console 5.3.1 DLL Hijacking
Exploit Title: DLL Hijacking in Diebold Nixdorf Vynamic View Console 5.3.1 Banking Software Date: 2023-08-04 Exploit Author: Matei Josephs Vendor Homepage:https://www.dieboldnixdorf.com/ Version: Diebold Nixdorf Vynamic View Console 5.3.1 CVE : CVE-2023-36344 Introduction ================= An iss...
Wondershare Filmora 12.2.9.2233 Unquoted Service Path
Exploit Title: Wondershare Filmora 12.2.9.2233 - Unquoted Service Path Date: 2023/04/23 Exploit Author: msd0pe Vendor Homepage: https://www.wondershare.com My Github: https://github.com/msd0pe-1 Wondershare Filmora: Versions = wmic service get name,pathname,displayname,startmode | findstr /i auto...
Zstore 6.6.0 Cross Site Scripting
Title: zstore-6.6.0 - XSS-Reflected Development: nu11secur1ty Date: 01.29.2023 Vendor: https://zippy.com.ua/ Software: https://github.com/leon-mbs/zstore/releases/tag/6.5.4 Reproduce: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/zippy/zstore-6.5.4 Description: The value of...
Email-Worm.Win32.Pluto.b Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/60a7d5e2d446110d84ef65f6a37af0eb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Email-Worm.Win32.Pluto.b Vulnerability: Insecure Permissions Description: The malware writes a dir a...
PHPJabbers Simple CMS 5 Cross Site Scripting
Document Title: =============== PHPJabbers Simple CMS v5 - Persistent XSS Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2300 Release Date: ============= 2021-10-28 Vulnerability Laboratory ID VL-ID: ====================================...
VMware ESXi OpenSLP Heap Overflow
!/usr/bin/python3 CVE-2021-21974 PoC Exploit By: Johnny Yu @staightblast Tested against: 1 VMware ESXi 6.7.0 build-14320388 ; VMware ESXi 6.7.0 Update 3 2 VMware ESXi 6.7.0 build-16316930 ; VMware ESXi 6.7.0 Update 3 import sys import time import trace import queue import struct import socket...
ERPNext 12.18.0 / 13.0.0 Cross Site Scripting
Trovent Security Advisory 2103-02 Multiple XSS vulnerabilities in ERPNext 13.0.0/12.18.0 Overview Advisory ID: TRSA-2103-02 Advisory version: 1.0 Advisory status: Public Advisory URL: https://trovent.io/security-advisory-2103-02 Affected product: ERPNext Tested versions: 12.18.0 and 13.0.0 beta...
Sitecore CVE-2025-27218 BinaryFormatter Deserialization
This Metasploit module exploits a .NET deserialization vulnerability in Sitecore Experience Manager XM and Experience Platform XP 10.4 by injecting a malicious Base64-encoded BinaryFormatter payload into an HTTP header. This module requires Metasploit: https://metasploit.com/download Current...
pgAdmin 8.4 Code Execution
============================================================================================================================================= | Title : pgAdmin 8.4 PHP Code Execution Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 64 bits ...
SnipeIT 6.2.1 Cross Site Scripting
Exploit Title: SnipeIT 6.2.1 - Stored Cross Site Scripting Date: 06-Oct-2023 Exploit Author: Shahzaib Ali Khan Vendor Homepage: https://snipeitapp.com Software Link: https://github.com/snipe/snipe-it/releases/tag/v6.2.1 Version: 6.2.1 Tested on: Windows 11 22H2 and Ubuntu 20.04 CVE: CVE-2023-5452...
Splunk XSLT Upload Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Splunk Authenticated XSLT Upload RCE', 'Description' = %q This Metasploit module exploits a Remote Code Execution RCE vulnerability in Splunk...
Loytec L-INX Automation Servers Information Disclosure / Cleartext Secrets
CVE : CVE-2023-46386, CVE-2023-46387, CVE-2023-46388, CVE-2023-46389 + Title : Multiple vulnerabilities in Loytec L-INX Automation Servers + Vendor : LOYTEC electronics GmbH + Affected Products : LINX-151, Firmware 7.2.4, LINX-212, firmware 6.2.4 + Affected Components : L-INX Automation Servers +...
FAST TECH CMS 1.0 Cross Site Request Forgery
==================================================================================================================================== | Title : FAST TECH CMS v1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 73.0.132-bit | | Vendor...
Chamilo 1.11.18 Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Chamilo unauthenticated command injection in PowerPoint upload', 'Description' = %q Chamilo is an e-learning platform, also called Learning...
Hikvision Hybrid SAN Ds-a71024 SQL Injection
Exploit Title: Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution Date: 16 July 2023 Exploit Author: Thurein Soe CVE : CVE-2022-28171 Vendor Homepage: https://www.hikvision.com Software Link: N/A Refence Link: https://cve.report/CVE-2022-28171 Version: Filmora 12: Ds-a71024...
Win32.Ransom.BlueSky MVID-2022-0632 Code Execution
Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/961fa85207cdc4ef86a076bbff07a409.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Win32.Ransom.BlueSky Vulnerability: Arbitrary Code Execution Description: The BlueSky...
containerd Image Volume Insecure Handling
containerd: Insecure handling of image volumes containerd's cri plugin handles image volumes containing path traversals insecurely. This can be used to copy arbitrary host directories to a container-mounted path. OCI images contain a JSON config file described in...
Backdoor.Win32.Hupigon.aaur Unauthenticated Open Proxy
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/16d598c01f7b391986c8c19eded005b1.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.aaur Vulnerability: Unauthenticated Open Proxy Description: The malware liste...
Sphider Search Engine 1.3.6 Remote Code Execution
Exploit Title: Sphider Search Engine 1.3.6 - 'wordupperbound' RCE Authenticated Google Dork: intitle:"Sphider Admin Login" Date: 2014-07-28 Exploit Author: Gurkirat Singh Vendor Homepage: http://www.sphider.eu/ Software Link: http://www.sphider.eu/sphider-1.3.6.zip Version: v1.3.6 Tested on:...
Seowon SlC 130 Router Remote Code Execution
Exploit Title: Seowon SlC 130 Router - Remote Code Execution Author: maj0rmil4d - Ali Jalalat Author website: https://secureguy.ir Date: 2020-08-20 Vendor Homepage: seowonintech.co.kr Software Link: http://www.seowonintech.co.kr/en/product/detail.asp?num=150&bigkind=B05&middlekind=B0529 CVE:...
Joomla PrayerCenter 3.0.4 Database Disclosure / SQL Injection
Exploit Title : Joomla PrayerCenter 3.0.4 SQL Injection / Database Disclosure Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 14/02/2019 Vendor Homepage : mlwebtechnologies.com/ Software Download Link : github.com/MLWebTechnologies/PrayerCenter/releases...
Fortinet FortiManager Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Fortinet FortiManager Unauthenticated RCE', 'Description' = %q This module exploits a missing authentication vulnerability affecting FortiManager...
PHPJabbers Hotel Booking System 4.0 Missing Rate Limiting
Exploit Title: PHPJabbers Hotel Booking System v4.0 - No Rate Limit Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/hotel-booking-system/sectionDemo Version: v4.0 Tested on: Windows...
Ultra Mini HTTPd 1.21 Denial Of Service
Exploit Title: Ultra Mini HTTPd 1.21 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 2024-01-01 Vendor Homepage: https://acme.com/ Software Link: https://acme.com/ Notification vendor: Yes reported Tested Version: Ultra Mini HTTPd 1.21 Tested on: Window XP Professional -...
Splunk edit_user Capability Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Splunk "edituser" Capability Privilege Escalation', 'Description' = %q A low-privileged user who holds a role that has the "edituser" capability...
Keeper Security Desktop 16.10.2 / Browser Extension 16.5.4 Password Dumper
Exploit Title: Keeper Security desktop 16.10.2 & Browser Extension 16.5.4 - Password Dumping Google Dork: NA Date: 22-07-2023 Exploit Author: H4rk3nz0 Vendor Homepage: https://www.keepersecurity.com/enGB/ Software Link: https://www.keepersecurity.com/enGB/get-keeper.html Version: Desktop App...
Aigital Wireless-N Repeater Mini_Router.0.131229 Cross Site Scripting
Exploit Title: Aigital Wireless-N Repeater - Stored Cross-Site Scripting Exploit Author: Matteo Mandolini Date : 13/04/2023 Vendor Homepage: https://web.archive.org/web/20220625053314/https://www.aigital.com/ Version: MiniRouter.0.131229 XSS Stored POST /boafrm/formHomeWlanSetup HTTP/1.1 Host:...
Teleport 10.1.1 Remote Code Execution
Exploit Title: Teleport v10.1.1 - Remote Code Execution RCE Date: 08/01/2022 Exploit Author: Brandon Roach & Brian Landrum Vendor Homepage: https://goteleport.com Software Link: https://github.com/gravitational/teleport Version: /dev/tcp/10.0.0.1/5555 0&1...
CMSimple_XH 1.7.4 Remote Command Execution
Exploit Title: CMSimpleXH 1.7.4 - Remote Code Execution RCE Authenticated Date: 01-10-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.cmsimple-xh.org/ Software Link: https://www.cmsimple-xh.org/?Downloads Version: 1.7.4 Category: Webapps Tested on: Linux/Windows CMSimpleX...
Canon TR150 Driver 3.71.2.10 Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Canon Driver Privilege Escalation', 'Description' = %q Canon TR150 print drivers versions 3.71.2.10 and below allow local users to read/write fil...
Online News Portal 1.0 SQL Injection
Exploit Title: Online News Portal | 'searchtitle' SQL Injection Exploit Author: Richard Jones Date: 2021-03-15 Vendor Homepage: https://www.sourcecodester.com/php/14741/online-news-portal-using-phpmysqli-free-download-source-code.html Software Link:...
Cisco RV110W 1.2.1.7 Denial Of Service
Exploit Title: Cisco RV110W 1.2.1.7 - 'vpnaccount' Denial of Service PoC Date: 2021-01 Exploit Author: Shizhi He Vendor Homepage: https://www.cisco.com/ Software Link: https://software.cisco.com/download/home/283879340/type/282487380/release/1.2.1.7 Version: V1.2.1.7 Tested on: RV110W V1.2.1.7 CV...
dnsrecon 0.10.0 CSV Injection
Exploit Title: dnsrecon 0.10.0 - CSV Injection Author: Dolev Farhi Date: 2021-01-07 Vendor Homepage: https://github.com/darkoperator/dnsrecon/ Version : 0.10.0 Tested on: ParrotOS 4.10 dnsrecon, when scanning a TXT record such as SPF, i.e.: spf.domain.com, outputs a CSV report -c out.csv with...
Philips Hue Denial Of Service
Credits: Ilia Shnaidman + @0x496c on Twitter + https://www.iliashn.com Vendor: ============= Philips Lighting Holding B.V Product: ============= Philips Hue Hub - all Vulnerability Type: ====================== Denial of Service Security Issue: =============== Philips Hue is vulnerable to Denial...
TapinRadio 2.13.7 Denial Of Service
Exploit Title: TapinRadio 2.13.7 - Denial of Service PoC Date: 2020-05-12 Exploit Author: Ismael Nava Vendor Homepage: http://www.raimersoft.com/ Software Link: www.raimersoft.com/downloads/tapinradiosetupx64.exe Version: 2.13.7 x64 Tested on: Windows 10 Home x64 STEPS Open the program TapinRadio...
EgavilanMedia User Registration And Login System With Admin Panel 1.0 CSRF
Exploit Title: EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF Date: 01-12-2020 Exploit Author: Hardik Solanki Vendor Homepage: http://egavilanmedia.com Software Link:...
Fujitsu Eternus Storage DX200 S4 Broken Authentication
Title: Fujitsu Eternus Storage DX200 S4 Broken Authentication Author: Seccops https://seccops.com Vendor Homepage: https://www.fujitsu.com/global/products/computing/storage/disk/eternus-dx/ Version: Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25 Classifications: OWASP: A2:2017-Broken...
Sentrifugo 3.2 Remote Code Execution
Exploit Title: Sentrifugo Version 3.2 - 'announcements' Remote Code Execution Authenticated Google Dork: N/A Date: 2020.10.06 Exploit Author: Fatih Çelik Vendor Homepage: https://sourceforge.net/projects/sentrifugo/ Software Link: https://sourceforge.net/projects/sentrifugo/ Blog:...
Company Visitor Management System (CVMS) 1.0 SQL Injection
Exploit Title: Company Visitor Management System CVMS 1.0 - Authentication Bypass Date: 16/10/2020 Exploit Author: Oğuz Türkgenç Vendor Homepage: https://phpgurukul.com/company-visitor-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?smdprocessdownload=1&downloadid=96...
WordPress Hash Form 1.1.0 Code Injection
============================================================================================================================================= | Title : WordPress Hash Form 1.1.0 php code injection Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox...
Sample Blog Site 1.0 Remote File Inclusion
============================================================================================================================================= | Title : Sample Blog Site 1.0 File inclusion Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 128.0.3 64...
VSFTPD 2.3.2 Denial of Service
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VSFTPD 2.3.2 Denial of Service', 'Description' = %q This module triggers a Denial of Service condition in the VSFTPD server in versions before...
Daily Habit Tracker 1.0 Broken Access Control
Exploit Title: Daily Habit Tracker 1.0 - Broken Access Control Date: 2 Feb 2024 Exploit Author: Yevhenii Butenko Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/17118/daily-habit-tracker-using-php-and-mysql-source-code.html Version: 1.0 Tested on:...
JFrog Artifactory SQL Injection
Exploit Title: artifactory low-privileged blind sql injection Google Dork: Date: Exploit Author: ardr Vendor Homepage:https://jfrog.com/help/r/jfrog-release-information/cve-2021-3860-artifactory-low-privileged-blind-sql-injection Software Link:...
FortiWeb VM 7.4.0 build577 CLI Crash
;; ;; FortiWeb VM v7.4.0 build577 Post-auth CLI Crash ;; ;; ... ;; ;; code610 / some debug notes fyi ;; ;; 17.11.2023 @ 23:33 ;; FortiWeb diagnose debug crashlog show 2023-11-16 05:07:00 application cli 2023-11-16 05:07:00 signal Segmentation fault received 2023-11-16 05:07:00 RIP 00007fdd1febf44...
AdminLTE PiHole Broken Access Control
Exploit Title: AdminLTE PiHole ' HTTP requests GET /admin/scripts/pi-hole/php/queryads.php?domain=' HTTP/1.1 HOST: pi.hole Cookie: ..SNIPPED.. ..SNIPPED.. HTTP Response HTTP/1.1 200 OK ..SNIPPED.. data: Match found in ..SNIPPED.. data: data: data:...
AudioCodes VoIP Phones Hardcoded Key
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2022-052 Product: AudioCodes VoIP Phones Manufacturer: AudioCodes Ltd. Affected Versions: Firmware Versions = 3.4.8.M4 Tested Versions: Firmware Version 3.4.4.1000 Vulnerability Type: Use of Hard-coded Cryptographic Key CWE-321 Ris...
Rollout::UI 0.5 Cross Site Scripting
ADVISORY INFORMATION ======================= Exploit Title: Rollout::UI v0.5 Cross-site scripting Date: 2023-05-05 Exploit Author: Eduardo José de Borba Vendor Homepage: https://github.com/fetlife Software Link: https://github.com/fetlife/rollout-ui Type: Cross-Site Scripting CWE-79 Tested on:...
Ivanti Cloud Services Appliance (CSA) Command Injection
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ivanti Cloud Services Appliance CSA Command Injection', 'Description' = %q This module exploits a command injection vulnerability in the Ivanti...
Ubuntu 22.04.1 X64 Desktop Enlightenment 0.25.3-1 Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ubuntu Enlightenment Mount Priv Esc', 'Description' = %q This module exploits a command injection within Enlightenment's enlightenmentsys binary...